[tor-bugs] #22407 [Core Tor/Tor]: Support HTTP CONNECT tunnels as an alternative to SOCKS

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jul 9 04:48:01 UTC 2017 

#22407: Support HTTP CONNECT tunnels as an alternative to SOCKS
-------------------------------------------------+-------------------------
 Reporter:  nickm                                |          Owner:
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-client pt-v2 application-        |  Actual Points:
  support http-connect needs-design prop229      |
Parent ID:                                       |         Points:  5
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 HTTP CONNECT also supports authentication, which can be used in place of
 SOCKS' password authentication, which Tor uses for isolating circuits.
 It's implemented simply as an HTTP header, which the RFC shows with the
 example header `Proxy-Authorization: basic aGVsbG86d29ybGQ=`. To the best
 of my knowledge, HTTP CONNECT supports all features which Tor uses from
 SOCKS proxies, so no strange hacks would be required to permit full usage
 of this protocol. It is a very simple protocol (when the CONNECT method is
 the only one implemented), so it can be made very simple and secure.

 In terms of difficulties I get when using Tor, I'd say that the lack of
 HTTP proxy support is in my top 5 grievances. It is not pleasant needing
 to use the ugly hack that is libtorsocks to hook (and often break) a
 program that fully supports HTTP proxies. As the OP stated, this shouldn't
 be a complex, caching, featureful "secure HTTP proxy", but just a simple
 alternative to `SOCKSPort`.

 Are there no objections to the spirit of this ticket, making actual
 implementation and discussion of specific behavior the only thing holding
 this back?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22407#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list